From 2310f6c0d02c8dd9f2085a04f5dd410f691da79e Mon Sep 17 00:00:00 2001
From: Daniel Friesel <derf@derf.homelinux.org>
Date: Sat, 20 Mar 2010 12:14:51 +0100
Subject: Add (very experimental) caretaker-shell

---
 man/7/caretaker-shell.pod | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 man/7/caretaker-shell.pod

(limited to 'man/7')

diff --git a/man/7/caretaker-shell.pod b/man/7/caretaker-shell.pod
new file mode 100644
index 0000000..faac251
--- /dev/null
+++ b/man/7/caretaker-shell.pod
@@ -0,0 +1,20 @@
+=pod
+
+=head1 NAME
+
+caretaker-shell - Restricted shell for caretaker commands
+
+=head1 DESCRIPTION
+
+B<caretaker-shell> is designed to only execute commands required B<caretaker>.
+This is useful if you want to use B<caretaker> with ssh on untrusted hosts:
+Generate a SSH key and put it into your .ssh/authorized_keys prefixed by
+C<< command="/path/to/caretaker-shell" >>.
+This way, caretaker will work, but it won't be possible to gain actual SSH
+access to your host.
+
+=head1 WARNING
+
+This is an experimental feature, security flaws may be present. Use at own
+risk, and while you're at it you might also want to add a passphrase to your
+ssh keys.
-- 
cgit v1.2.3